A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:cert@youfone.nl
Expires: 2025-01-08T23:00:00.000Z
Encryption: https://www.youfone.nl/pgp.txt
Canonical: https://www.youfone.nl/.well-known/security.txt

-----BEGIN PGP SIGNATURE-----

iQGzBAEBCgAdFiEEyJo8cWaREBNCymcGiYku4cQhSzMFAmXcgd8ACgkQiYku4cQh
SzMWjQv+MG6YJSAkqz6yoRoGZNt7wDXETESY7OT1FQDS25eQipd4Lre2XS2Mimzd
uYs1KfardEw+cYXPT73MzKpwi0arlrFkBZWQA0p3YuIW6kS/kCc1wW5PBreeqGX5
VKycnS1Ww3nvHPcckT4HDrcEtlbZQ/PTgBuFvHBmSiaoekrVMckK0C8gPOIo9B3M
4rYIBDbW8+10odbeYyjVY4C5Cdc4vhAHCqVjzKUzOMfqZ4cKKUFwC1qQX6cTxIeN
ZkIor9moxpd8z3CzF0pJhR3nNivqAs9YZJJB3XfGyoL3iBmU/XADR1ipnS4uhEVw
sY1Ni5ciRctUGOm9Q8/PYX707FfQURK9QYuK/GBOsBwv+UNKkt2NoKvnNwbLbm4y
6vhCtnWulIgLgCnBitTPjTm+gn4LyjWF2Woubf9nVd8dXsIqkjpg85pQd0Ng+orN
mNULmGOcZYuNYFtOuZclPM6KoQOdN0O+QPUzQkQK9m9SaIBMJVNhUWIgNIHgzKZQ
4xQVoAGK
=Pxob
-----END PGP SIGNATURE-----